35,215 research outputs found
Seamless and Secure VR: Adapting and Evaluating Established Authentication Systems for Virtual Reality
Virtual reality (VR) headsets are enabling a wide range of new
opportunities for the user. For example, in the near future users
may be able to visit virtual shopping malls and virtually join
international conferences. These and many other scenarios pose
new questions with regards to privacy and security, in particular
authentication of users within the virtual environment. As a first
step towards seamless VR authentication, this paper investigates
the direct transfer of well-established concepts (PIN, Android
unlock patterns) into VR. In a pilot study (N = 5) and a lab
study (N = 25), we adapted existing mechanisms and evaluated
their usability and security for VR. The results indicate that
both PINs and patterns are well suited for authentication in
VR. We found that the usability of both methods matched the
performance known from the physical world. In addition, the
private visual channel makes authentication harder to observe,
indicating that authentication in VR using traditional concepts
already achieves a good balance in the trade-off between usability
and security. The paper contributes to a better understanding of
authentication within VR environments, by providing the first
investigation of established authentication methods within VR,
and presents the base layer for the design of future authentication
schemes, which are used in VR environments only
OXIDATION OF SILICON - THE VLSI GATE DIELECTRIC
Silicon dominates the semiconductor industry for good reasons. One factor is the stable, easily formed, insulating oxide, which aids high performance and allows practical processing. How well can these virtues survive as new demands are made on integrity, on smallness of feature sizes and other dimensions, and on constraints on processing and manufacturing methods? These demands make it critical to identify, quantify and predict the key controlling growth and defect processes on an atomic scale.The combination of theory and novel experiments (isotope methods, electronic noise, spin resonance, pulsed laser atom probes and other desorption methods, and especially scanning tunnelling or atomic force microscopies) provide tools whose impact on models is just being appreciated. We discuss the current unified model for silicon oxidation, which goes beyond the traditional descriptions of kinetic and ellipsometric data by explicitly addressing the issues raised in isotope experiments. The framework is still the Deal-Grove model, which provides a phenomenology to describe the major regimes of behaviour, and gives a base from which the substantial deviations can be characterized. In this model, growth is limited by diffusion and interfacial reactions operating in series. The deviations from Deal-Grove are most significant for just those first tens of atomic layers of oxide which are critical for the ultra-thin oxide layers now demanded. Several features emerge as important. First is the role of stress and stress relaxation. Second is the nature of the oxide closest to the Si, both its defects and its differences from the amorphous stoichiometric oxide further out, whether in composition, in network topology, or otherwise. Thirdly, we must consider the charge states of both fixed and mobile species. In thin films with very different dielectric constants, image terms can be important; these terms affect interpretation of spectroscopies, the injection of oxidant species and relative defect stabilities. This has added importance now that P-b concentrations have been correlated with interfacial stress. This raises further issues about the perfection of the oxide random network and the incorporation of interstitial species like molecular oxygen.Finally, the roles of contamination, particles, metals, hydrocarbons etc are important, as is interface roughness. These features depend on pre-gate oxide cleaning and define the Si surface that is to be oxidized which may have an influence on the features listed above
PlaceRaider: Virtual Theft in Physical Spaces with Smartphones
As smartphones become more pervasive, they are increasingly targeted by
malware. At the same time, each new generation of smartphone features
increasingly powerful onboard sensor suites. A new strain of sensor malware has
been developing that leverages these sensors to steal information from the
physical environment (e.g., researchers have recently demonstrated how malware
can listen for spoken credit card numbers through the microphone, or feel
keystroke vibrations using the accelerometer). Yet the possibilities of what
malware can see through a camera have been understudied. This paper introduces
a novel visual malware called PlaceRaider, which allows remote attackers to
engage in remote reconnaissance and what we call virtual theft. Through
completely opportunistic use of the camera on the phone and other sensors,
PlaceRaider constructs rich, three dimensional models of indoor environments.
Remote burglars can thus download the physical space, study the environment
carefully, and steal virtual objects from the environment (such as financial
documents, information on computer monitors, and personally identifiable
information). Through two human subject studies we demonstrate the
effectiveness of using mobile devices as powerful surveillance and virtual
theft platforms, and we suggest several possible defenses against visual
malware
DoubleEcho: Mitigating Context-Manipulation Attacks in Copresence Verification
Copresence verification based on context can improve usability and strengthen
security of many authentication and access control systems. By sensing and
comparing their surroundings, two or more devices can tell whether they are
copresent and use this information to make access control decisions. To the
best of our knowledge, all context-based copresence verification mechanisms to
date are susceptible to context-manipulation attacks. In such attacks, a
distributed adversary replicates the same context at the (different) locations
of the victim devices, and induces them to believe that they are copresent. In
this paper we propose DoubleEcho, a context-based copresence verification
technique that leverages acoustic Room Impulse Response (RIR) to mitigate
context-manipulation attacks. In DoubleEcho, one device emits a wide-band
audible chirp and all participating devices record reflections of the chirp
from the surrounding environment. Since RIR is, by its very nature, dependent
on the physical surroundings, it constitutes a unique location signature that
is hard for an adversary to replicate. We evaluate DoubleEcho by collecting RIR
data with various mobile devices and in a range of different locations. We show
that DoubleEcho mitigates context-manipulation attacks whereas all other
approaches to date are entirely vulnerable to such attacks. DoubleEcho detects
copresence (or lack thereof) in roughly 2 seconds and works on commodity
devices
Recommended from our members
Modelling the Spread of Botnet Malware in IoT-Based Wireless Sensor Networks
The propagation approach of a botnet largely dictates its formation, establishing a foundation of bots for future exploitation. The chosen propagation method determines the attack surface, and consequently, the degree of network penetration, as well as the overall size and the eventual attack potency. It is therefore essential to understand propagation behaviours and influential factors in order to better secure vulnerable systems. Whilst botnet propagation is generally well-studied, newer technologies like IoT have unique characteristics which are yet to be thoroughly explored. In this paper, we apply the principles of epidemic modelling to IoT networks consisting of wireless sensor nodes. We build IoT-SIS, a novel propagation model which considers the impact of IoT-specific characteristics like limited processing power, energy restrictions, and node density on the formation of a botnet. Focusing on worm-based propagation, this model is used to explore the dynamics of spread using numerical simulations and the Monte Carlo method, and to discuss the real-life implications of our findings
- …